Skip to content

Certstrap allows looser permissions but not stricter, which can lead to security issues #136

New issue
New issue
Closed
#141
Closed
Certstrap allows looser permissions but not stricter, which can lead to security issues#136
#141
@SBell6hf

Description

@SBell6hf
SBell6hf
opened on Jan 14, 2022

certstrap/depot/depot.go

Line 116 in fda01db

if ^fi.Mode()&tag.perm != 0 {

It must be a minor mistype, however this actually allows looser permissions and prohibits stricter ones, instead of the opposite that we want.

The corrent statement should be if fi.Mode()&^tag.perm != 0 {

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions